@nuvlore/extension-workday-infra-access 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +3 -7
- package/vendor/extension-read-only-toolkit/LICENSE +0 -202
- package/vendor/extension-read-only-toolkit/README.md +0 -29
- package/vendor/extension-read-only-toolkit/package.json +0 -46
- package/vendor/extension-read-only-toolkit/src/devops-data-paths.mjs +0 -222
- package/vendor/extension-read-only-toolkit/src/devops-diagnostics.mjs +0 -440
- package/vendor/extension-read-only-toolkit/src/enterprise-api-read.mjs +0 -180
- package/vendor/extension-read-only-toolkit/src/read-only-command-pack.mjs +0 -1
- package/vendor/extension-read-only-toolkit/src/read-only-plan.mjs +0 -45
- package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.d.mts +0 -26
- package/vendor/extension-read-only-toolkit/src/read-only-shell-policy.mjs +0 -170
|
@@ -1,170 +0,0 @@
|
|
|
1
|
-
export const READ_ONLY_ALLOWED_TOOLS = [
|
|
2
|
-
"Read",
|
|
3
|
-
"Glob",
|
|
4
|
-
"Grep"
|
|
5
|
-
];
|
|
6
|
-
|
|
7
|
-
export const READ_ONLY_DISALLOWED_TOOLS = [
|
|
8
|
-
"Agent",
|
|
9
|
-
"Task",
|
|
10
|
-
"TaskCreate",
|
|
11
|
-
"Write",
|
|
12
|
-
"Edit",
|
|
13
|
-
"NotebookEdit",
|
|
14
|
-
"TodoWrite",
|
|
15
|
-
"ExitPlanMode",
|
|
16
|
-
"EnterWorktree",
|
|
17
|
-
"WebFetch",
|
|
18
|
-
"WebSearch",
|
|
19
|
-
"AskUserQuestion"
|
|
20
|
-
];
|
|
21
|
-
|
|
22
|
-
export const MUTATING_SHELL_TOKENS = [
|
|
23
|
-
/\bapply\b/i,
|
|
24
|
-
/\bcreate\b/i,
|
|
25
|
-
/\bdelete\b/i,
|
|
26
|
-
/\bdestroy\b/i,
|
|
27
|
-
/\bedit\b/i,
|
|
28
|
-
/\binstall\b/i,
|
|
29
|
-
/\bpatch\b/i,
|
|
30
|
-
/\bpush\b/i,
|
|
31
|
-
/\breplace\b/i,
|
|
32
|
-
/\brestart\b/i,
|
|
33
|
-
/\brollout\s+(restart|undo)\b/i,
|
|
34
|
-
/\brm\b/i,
|
|
35
|
-
/\bscale\b/i,
|
|
36
|
-
/\bset\b/i,
|
|
37
|
-
/\bstart\b/i,
|
|
38
|
-
/\bstop\b/i,
|
|
39
|
-
/\btaint\b/i,
|
|
40
|
-
/\buntaint\b/i,
|
|
41
|
-
/\bupgrade\b/i,
|
|
42
|
-
/\bwrite\b/i,
|
|
43
|
-
/\bchmod\b/i,
|
|
44
|
-
/\bchown\b/i,
|
|
45
|
-
/\bmv\b/i,
|
|
46
|
-
/\bcp\b/i,
|
|
47
|
-
/\bmkdir\b/i,
|
|
48
|
-
/\btouch\b/i,
|
|
49
|
-
/\btee\b/i,
|
|
50
|
-
/\bcurl\b.*\|\s*(sh|bash)\b/i,
|
|
51
|
-
/\bwget\b.*\|\s*(sh|bash)\b/i,
|
|
52
|
-
/(^|[^<])>(?!\s*&\d)/,
|
|
53
|
-
/>>/,
|
|
54
|
-
/\|\s*(xargs\s+)?(sh|bash|kubectl\s+apply|terraform\s+apply|helm\s+upgrade|rm|tee)\b/i,
|
|
55
|
-
/(^|[^&|]);\s*/,
|
|
56
|
-
/&&|\|\|/,
|
|
57
|
-
/`|\$\(/,
|
|
58
|
-
/\b--write\b/i,
|
|
59
|
-
/\b--force\b/i,
|
|
60
|
-
/\b--yes\b|\b-y\b/i
|
|
61
|
-
];
|
|
62
|
-
|
|
63
|
-
export const READ_ONLY_COMMAND_PATTERNS = [
|
|
64
|
-
/^\s*pwd\s*$/,
|
|
65
|
-
/^\s*ls(\s|$)/,
|
|
66
|
-
/^\s*find\s+/,
|
|
67
|
-
/^\s*(rg|grep)\s+/,
|
|
68
|
-
/^\s*(cat|head|tail|sed|awk|wc)\s+/,
|
|
69
|
-
/^\s*curl\s+-k\s+-sS\s+-o\s+\/dev\/null\s+-w\s+'[A-Za-z0-9_=%{}:./ -]+\\n'\s+https:\/\/[A-Za-z0-9_.:-]+\/[A-Za-z0-9_./:@%+=,~-]+(\s|$)/,
|
|
70
|
-
/^\s*hostname(\s|$)/,
|
|
71
|
-
/^\s*command\s+-v\s+/,
|
|
72
|
-
/^\s*klist(\s|$)/,
|
|
73
|
-
/^\s*git\s+(status|diff|log|show|branch|remote|rev-parse|describe|ls-files)(\s|$)/,
|
|
74
|
-
/^\s*kubectl\s+(get|describe|logs|top|api-resources|api-versions|explain|version|cluster-info|config\s+(current-context|get-contexts|view))(\s|$)/,
|
|
75
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+airflow\s+dags\s+list-runs\s+-d\s+[A-Za-z0-9_.:@/-]+(?:\s+--no-backfill)?(?:\s+--output\s+(?:json|table|yaml|plain))?(?:\s+\|\s+head\s+-\d+)?\s*$/,
|
|
76
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+airflow\s+tasks\s+states-for-dag-run\s+[A-Za-z0-9_.:@/-]+\s+[A-Za-z0-9_.:@+=,~%/-]+(?:\s+--output\s+(?:json|table|yaml|plain))?(?:\s+\|\s+head\s+-\d+)?\s*$/,
|
|
77
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+airflow\s+tasks\s+logs\s+[A-Za-z0-9_.:@/-]+\s+[A-Za-z0-9_.:@/-]+\s+[A-Za-z0-9_.:@+=,~%/-]+\s+--try-number\s+\d+\s+\|\s+head\s+-\d+\s*$/,
|
|
78
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+airflow\s+tasks\s+render\s+[A-Za-z0-9_.:@/-]+\s+[A-Za-z0-9_.:@/-]+\s+[A-Za-z0-9_.:@+=,~%/-]+\s+\|\s+head\s+-\d+\s*$/,
|
|
79
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+cat\s+\/(?:(?:data|hadoop\/disk2)\/workday-bds-airflow|data\/airflow)\/logs\/[A-Za-z0-9_.:@+=,~%/-]+(?:\s+\|\s+head\s+-\d+)?\s*$/,
|
|
80
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+grep\s+-E\s+'[A-Za-z0-9_.:@+=,~%|/-]+'\s+\/(?:(?:data|hadoop\/disk2)\/workday-bds-airflow|data\/airflow)\/logs\/[A-Za-z0-9_.:@+=,~%/-]+(?:\s+\|\s+tail\s+-n\s+\d+)?\s*$/,
|
|
81
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+grep\s+-E\s+'[A-Za-z0-9_.:@+=,~%|/-]+'\s+\/usr\/local\/airflow\/(?:airflow_s3_config\.json|dags\/[A-Za-z0-9_.:@+=,~%/-]+)(?:\s+\|\s+(?:head|tail)\s+-\d+)?\s*$/,
|
|
82
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+printenv\s+\|\s+grep\s+-E\s+'\^\(AWS_\|GOOGLE_\|GOOGLE_APPLICATION_CREDENTIALS\|HADOOP_\|HADOOP_CONF_DIR\|AIRFLOW_S3_CONFIG_PATH\)'\s+\|\s+sed\s+-E\s+'s\/=\.\*\/=\[present\]\/'\s+\|\s+head\s+-\d+\s*$/,
|
|
83
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+printenv\s+HADOOP_CREDENTIAL_PROVIDER_PATH\s*$/,
|
|
84
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+hadoop\s+credential\s+list\s+\|\s+head\s+-\d+\s*$/,
|
|
85
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+grep\s+-h\s+-E\s+'fs\.s3a\.aws\.credentials\.provider\|fs\.s3a\.endpoint\|fs\.s3a\.impl\|google\.cloud\.auth'\s+\/etc\/hadoop\/conf\/(?:core-site|hdfs-site|mapred-site|yarn-site)\.xml(?:\s+\/etc\/hadoop\/conf\/(?:core-site|hdfs-site|mapred-site|yarn-site)\.xml)*\s+\|\s+head\s+-\d+\s*$/,
|
|
86
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+cat\s+\/usr\/local\/airflow\/(?:airflow_s3_config\.json|dags\/[A-Za-z0-9_.:@+=,~%/-]+)(?:\s+\|\s+head\s+-\d+)?\s*$/,
|
|
87
|
-
/^\s*kubectl\s+exec\s+-n\s+airflow\s+(?:pod\/)?[A-Za-z0-9._:@%/-]+(?:\s+-c\s+[A-Za-z0-9._:@%/-]+)?\s+--\s+hadoop\s+fs\s+-(?:ls|du|count|stat|test)(?:\s+-d)?\s+s3a:\/\/[A-Za-z0-9][A-Za-z0-9_.-]*[A-Za-z0-9](?:\/[A-Za-z0-9_.:@+=,~%/-]*)?(?:\s+\|\s+head\s+-\d+)?\s*$/,
|
|
88
|
-
/^\s*kcsb\s+(get|describe|logs|top|api-resources|api-versions|explain|version|cluster-info|config\s+(current-context|get-contexts|view))(\s|$)/,
|
|
89
|
-
/^\s*kinit\s+-kt\s+\/[A-Za-z0-9._/-]+\s+[A-Za-z0-9_.@/-]+(\s|$)/,
|
|
90
|
-
/^\s*yarn\s+application\s+-status\s+application_[0-9]+_[0-9]+(\s|$)/,
|
|
91
|
-
/^\s*yarn\s+logs\s+-applicationId\s+application_[0-9]+_[0-9]+(\s|$)/,
|
|
92
|
-
/^\s*yarn\s+node\s+-status\s+(?!-)[A-Za-z0-9._:@%-]+:45454(\s|$)/,
|
|
93
|
-
/^\s*hdfs\s+crypto\s+-listZones(\s|$)/,
|
|
94
|
-
/^\s*hdfs\s+dfs\s+-(ls|du|find|cat|tail|test|count|stat)\s+/,
|
|
95
|
-
/^\s*hdfs\s+dfsadmin\s+-report(\s|$)/,
|
|
96
|
-
/^\s*hadoop\s+fs\s+-(ls|cat|head|du|count|stat|test|text)(\s|$)/,
|
|
97
|
-
/^\s*helm\s+(list|status|history|get|version|repo\s+list)(\s|$)/,
|
|
98
|
-
/^\s*aws\s+(?:--profile\s+\S+\s+)?(?:--region\s+\S+\s+)?sts\s+get-caller-identity(\s|$)/,
|
|
99
|
-
/^\s*aws\s+(?:--profile\s+\S+\s+)?(?:--region\s+\S+\s+)?[a-z0-9-]+\s+(describe|list|get|head)-[a-z0-9-]+(\s|$)/,
|
|
100
|
-
/^\s*aws\s+(?:--profile\s+\S+\s+)?(?:--region\s+\S+\s+)?s3\s+ls(\s|$)/,
|
|
101
|
-
/^\s*gcloud\s+(?:--project=\S+\s+)?(?:--account=\S+\s+)?auth\s+list(\s|$)/,
|
|
102
|
-
/^\s*gcloud\s+(?:--project=\S+\s+)?(?:--account=\S+\s+)?config\s+list(\s|$)/,
|
|
103
|
-
/^\s*gcloud\s+(?:--project=\S+\s+)?(?:--account=\S+\s+)?projects\s+(describe|get-iam-policy)(\s|$)/,
|
|
104
|
-
/^\s*gcloud\s+(?:--project=\S+\s+)?(?:--account=\S+\s+)?[a-z0-9-]+(?:\s+[a-z0-9-]+)*\s+(list|describe|read)(\s|$)/,
|
|
105
|
-
/^\s*gcloud\s+storage\s+(buckets|objects)\s+list(\s|$)/,
|
|
106
|
-
/^\s*terraform\s+(version|show|state\s+list|state\s+show|providers|workspace\s+show|output)(\s|$)/,
|
|
107
|
-
/^\s*docker\s+(ps|images|logs|inspect|stats|version|info)(\s|$)/,
|
|
108
|
-
/^\s*(df|du|free|uptime|uname|whoami|id|date|env|printenv)(\s|$)/,
|
|
109
|
-
/^\s*journalctl\s+-k\s+--since\s+/,
|
|
110
|
-
/^\s*(systemctl|journalctl)\s+(status|-u|--unit)(\s|$)/
|
|
111
|
-
];
|
|
112
|
-
|
|
113
|
-
export class ReadOnlyShellPolicy {
|
|
114
|
-
constructor(config = {}) {
|
|
115
|
-
this.config = config;
|
|
116
|
-
}
|
|
117
|
-
|
|
118
|
-
validate(command) {
|
|
119
|
-
const normalized = String(command ?? "").trim();
|
|
120
|
-
|
|
121
|
-
if (!normalized) {
|
|
122
|
-
return { allowed: false, reason: "empty shell command" };
|
|
123
|
-
}
|
|
124
|
-
if (normalized.includes("\n") || normalized.includes("\r")) {
|
|
125
|
-
return { allowed: false, reason: "multi-line shell commands are not allowed" };
|
|
126
|
-
}
|
|
127
|
-
|
|
128
|
-
const mutatingToken = MUTATING_SHELL_TOKENS.find((token) => token.test(normalized));
|
|
129
|
-
if (mutatingToken) {
|
|
130
|
-
return {
|
|
131
|
-
allowed: false,
|
|
132
|
-
reason: `shell command contains mutating or high-risk syntax: ${mutatingToken.source}`
|
|
133
|
-
};
|
|
134
|
-
}
|
|
135
|
-
|
|
136
|
-
if (this.readOnlyPatterns().some((pattern) => pattern.test(normalized))) {
|
|
137
|
-
return { allowed: true, reason: "matches read-only command allowlist" };
|
|
138
|
-
}
|
|
139
|
-
|
|
140
|
-
return { allowed: false, reason: "command is not in the read-only allowlist" };
|
|
141
|
-
}
|
|
142
|
-
|
|
143
|
-
readOnlyPatterns() {
|
|
144
|
-
return [
|
|
145
|
-
...READ_ONLY_COMMAND_PATTERNS,
|
|
146
|
-
...(this.config.extraReadOnlyCommandPatterns ?? [])
|
|
147
|
-
];
|
|
148
|
-
}
|
|
149
|
-
}
|
|
150
|
-
|
|
151
|
-
export class ReadOnlyPolicyDescription {
|
|
152
|
-
text() {
|
|
153
|
-
return [
|
|
154
|
-
"Read-only DevOps policy:",
|
|
155
|
-
`- Auto-approved tools: ${READ_ONLY_ALLOWED_TOOLS.join(", ")}`,
|
|
156
|
-
`- Always denied tools: ${READ_ONLY_DISALLOWED_TOOLS.join(", ")}`,
|
|
157
|
-
"- Bash: denied by default; only explicit read-only command patterns are allowed.",
|
|
158
|
-
"- Filesystem sandbox: enabled with denyWrite on all paths.",
|
|
159
|
-
"- Permission mode: dontAsk, so unapproved tools fail closed."
|
|
160
|
-
].join("\n");
|
|
161
|
-
}
|
|
162
|
-
}
|
|
163
|
-
|
|
164
|
-
export function isReadOnlyShellCommand(command, config = {}) {
|
|
165
|
-
return new ReadOnlyShellPolicy(config).validate(command);
|
|
166
|
-
}
|
|
167
|
-
|
|
168
|
-
export function describeReadOnlyPolicy() {
|
|
169
|
-
return new ReadOnlyPolicyDescription().text();
|
|
170
|
-
}
|